In order to operate effectively and fulfill its legal obligations, Eden Recruitment collects, maintains and uses certain personal information about current, past and prospective employees, customers, suppliers and other individuals with whom it has dealings. All such personal information, whether held on computer, paper or other media, will be obtained, handled, processed, transported and stored lawfully and correctly, in accordance with the safeguards contained in the European Union-wide framework known as the General Data Protection Regulation (GRDR).
Eden Recruitment is committed to the principles of data protection as detailed in the GDPR. These principles state that the employer will:
- Obtain and process the information fairly.
- Keep it only for one or more specified and lawful purposes.
- Process it only in ways compatible with the purposes for which it was given to you initially.
- Keep it safe and secure.
- Keep it accurate and up to date.
- Ensure that it is adequate, relevant and not excessive.
- Retain it no longer than is necessary for the specified purpose or purposes.
- Give a copy of his/her data to any individual, on request.
In order to comply with the data protection principles, Eden Recruitment will:
- observe fully all conditions regarding the fair collection and use of personal information;
- meet its legal obligations to specify the purpose for which information is used;
- collect and process appropriate personal information only to the extent that it is needed to fulfill operational needs or to comply with legal obligations;
- ensure the quality of the personal information used;
- apply strict checks to determine the length of time personal information is held;
- ensure that individuals about whom information is held are able to exercise their rights under the GDPR, including the right to be informed that processing is taking place, the right of access to their own personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase incorrect information;
- take appropriate technical and organisational security measures to safeguard personal information;
- ensure that personal information is not transferred outside the EEA without suitable safeguards.
- Overall responsibility for ensuring that the Company complies with its data protection obligations rests with the Managing Director.
- It is the responsibility of all employees to ensure that personal information provided to the Company, for example, current address, is accurate and up to date. To this end, employees are required to inform the Company immediately when changes occur.
- Employees whose role involves the collection, maintenance, and processing of personal information about other employees, customers, suppliers or any other individuals with whom the Company has dealings are responsible for following the Company’s rules on good data protection practice as notified from time to time by their Director.